2020-11-24 14:44:57 +00:00
|
|
|
global:
|
2021-02-25 22:44:33 +00:00
|
|
|
# hub: docker.io/istio
|
2022-09-14 17:08:14 +00:00
|
|
|
tag: 1.14.4-distroless
|
2020-11-24 14:44:57 +00:00
|
|
|
|
|
|
|
logAsJson: true
|
|
|
|
|
|
|
|
defaultPodDisruptionBudget:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
priorityClassName: "system-cluster-critical"
|
|
|
|
|
2022-04-20 13:36:08 +00:00
|
|
|
istiod:
|
2020-11-24 14:44:57 +00:00
|
|
|
pilot:
|
|
|
|
autoscaleEnabled: false
|
|
|
|
replicaCount: 1
|
|
|
|
|
|
|
|
nodeSelector:
|
2021-12-08 16:29:53 +00:00
|
|
|
node-role.kubernetes.io/control-plane: ""
|
2020-11-24 14:44:57 +00:00
|
|
|
tolerations:
|
|
|
|
- effect: NoSchedule
|
|
|
|
key: node-role.kubernetes.io/master
|
2022-10-27 12:27:42 +00:00
|
|
|
- effect: NoSchedule
|
|
|
|
key: node-role.kubernetes.io/control-plane
|
2020-11-24 14:44:57 +00:00
|
|
|
|
|
|
|
resources:
|
|
|
|
requests:
|
|
|
|
cpu: 100m
|
|
|
|
memory: 128Mi
|
|
|
|
# env:
|
|
|
|
# PILOT_ENABLE_MYSQL_FILTER: true
|
|
|
|
# PILOT_ENABLE_REDIS_FILTER: true
|
|
|
|
# PILOT_HTTP10: true
|
|
|
|
|
|
|
|
telemetry:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
meshConfig:
|
|
|
|
accessLogFile: /dev/stdout
|
|
|
|
accessLogEncoding: 'JSON'
|
2021-04-30 19:09:20 +00:00
|
|
|
tcpKeepalive:
|
|
|
|
interval: 60s
|
|
|
|
time: 120s
|
2021-08-25 13:58:55 +00:00
|
|
|
|
|
|
|
kiali-server:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
auth:
|
|
|
|
strategy: anonymous
|
|
|
|
|
|
|
|
deployment:
|
|
|
|
ingress_enabled: false
|
|
|
|
view_only_mode: true
|
|
|
|
|
|
|
|
server:
|
|
|
|
metrics_enabled: false
|
|
|
|
|
|
|
|
external_services:
|
|
|
|
custom_dashboards:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
prometheus:
|
|
|
|
url: "http://metrics-kube-prometheus-st-prometheus.monitoring:9090"
|
|
|
|
|
|
|
|
istio:
|
|
|
|
enabled: false
|
|
|
|
gateway: istio-ingress/private-ingressgateway
|
|
|
|
#url: "kiali.example.com"
|
|
|
|
|
|
|
|
|
|
|
|
rateLimiting:
|
2021-08-26 12:23:04 +00:00
|
|
|
enabled: false
|
2021-08-25 13:58:55 +00:00
|
|
|
|
|
|
|
log:
|
|
|
|
level: warn
|
|
|
|
format: json
|
|
|
|
|
|
|
|
# 1MB local cache for already reached limits to reduce calls to Redis
|
|
|
|
localCacheSize: 1048576
|
|
|
|
|
|
|
|
# Wether to block requests if ratelimiting is down
|
|
|
|
failureModeDeny: false
|
|
|
|
|
|
|
|
# rate limit descriptors for each domain, examples 10 req/s per sourceIP
|
|
|
|
descriptors:
|
|
|
|
ingress:
|
|
|
|
- key: remote_address
|
|
|
|
rate_limit:
|
|
|
|
unit: second
|
|
|
|
requests_per_unit: 10
|
|
|
|
|
|
|
|
privateIngress:
|
|
|
|
- key: remote_address
|
|
|
|
rate_limit:
|
|
|
|
unit: second
|
|
|
|
requests_per_unit: 10
|